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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^| Responsive to communication(s) filed on 31 July 2008 . 
2a )□ This action is FINAL. 2b)£3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^3 Claim(s) 9,27,29 and 33-52 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) D Claim(s) 9,27,29,43,44 and 51 is/are rejected. 

7) ^3 Claim(s) 33-42,45-50 and 52 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) L~H The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)^ accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 0 Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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1) □ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 5 ) □ Notice of Informal Patent Application 

Paper No(s)/Mail Date . 6) □ Other: . 
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DETAILED ACTION 

This office action is in response to amendment and request for reconsideration filed on 
July 31, 2008. Original application contained Claims 1-32. Applicant previously amended 
Claims 9, 27, 29, and 33-37. Applicant previously cancelled Claims 1-8, 10-26, 28, 30-32, and 
added new Claims 33-42. Applicant currently amended 40-42, and added new Claims 44-52. The 
amendment filed on July 31, 2008 have been entered and made of record. 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1 .17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.1 14, and the fee set forth in 37 CFR 1.17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.1 14. Applicant's submission filed on July 31, 2008 has been entered. 

Allowable Subject Matter 

2. Claims 33-42, 45-50, and 52 are objected to as being dependent upon a rejected base 
claim, but would be allowable if all corresponding objected claim(s ) are merged and rewritten in 
independent form including all of the limitations of the base claim and all intervening claims. 
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Response to Arguments 

Applicant's arguments filed on July 31, 2008 have been fully considered but they are not 
persuasive because of the following reasons: 

Regarding Claims 9 and 27 applicants argued that in the system of cited prior arts 
[Dascalu U. S. Patent 6,754,713] "Dascalu merely discusses access rules 10 to detect a protocol 
error (e.g., attempting to establish an FTP session with a Telenet server). However, Dascalu 
does not discuss any authentication functions. As taught by Dascalu, it appears that protocol 
scanner 16 assumes that it correctly knows which devices are communicating in the session". 

This is not found persuasive. The system of cited prior art, the Protocol Scanner, is a set 
of software routines that scans data in Received Data Buffer and compares it with Access Rules 
to determine whether the message is permitted or not. When Protocol Scanner 16 detects an 
event which is not permitted, Protocol Scanner generates a message which will terminate the 
communication session in which that event took place. And if Protocol Scanner detects that an 
event not permitted according to Access Rules occurred over the network, a session wall issues a 
message which will terminate that communication session. Accordingly, a session wall sends a 
message to both parties involved in the session. In a message to the server, a session wall either 
notifies that the client wishes to close the current session, or it sends a specific "terminate 
session" message to the server using the particular communication protocol used by the server. 
That message causes the server to stop responding to additional client messages in that specific 
session (col. 4 line 25 to line 60). 
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Thus, the system of cited prior art provides a system that relates to system security 
architecture for devices which are accessed through a communication network. 
Therefore, the examiner asserts that the system of cited prior arts does teach or suggest the 
subject matter broadly recited in independent Claims 1, 27, 29, 43, and 51 and in subsequent 
dependent Claims. Accordingly, rejection for claims 9, 27, 29, 43-44, and 51 is respectfully 
maintained. 



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 



4. Claims 9, 27, 29, 43-44, and 5 1 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Dascalu U. S. Patent 6,754,713. 

Regarding Claim 9 teaches and describes a apparatus (Fig. 1-3, col.2 line 20 to col.3 line 60), 
comprising: at least a first application; an authentication component configured to authenticate a 
communicating device; an access control component accessible by a communicating device 
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requesting access to the first application without the communicating device having been 
authenticated by the authentication means, and arranged to arbitrate whether access of the 
communicating device to the first application is granted or refused wherein if the arbitration 
requires an authentication of the communicating device, the access control component 
configured instructs the authentication component to authenticate the communicating device, 
wherein the access control component is configured receives indications originating from the 
communicating device identifying the communicating device and the application requested (col.4 
line 25 to col.5 line 67). 

Regarding Claim 27 Dascalu teaches and describes a apparatus ((Fig. 1-3, col.2 line 20 to 
col.3 line 60), comprising: at least first and second applications; authentication component for 
authenticating a communicating device; first access control component accessible by a 
communicating device requesting access to the first application without the communicating 
device having been authenticated by the authentication means, and arranged to arbitrate whether 
access of the communicating device to the first application is granted or refused wherein if the 
arbitration requires an authentication of the communicating device, the access control component 
configured to instructs the authentication component to authenticate the communicating device; 
second access control component configured to accessible by a communicating device requesting 
access to the second application without the communicating device having been authenticated 
by the authentication means, and arranged to arbitrate whether access of the communicating 
device to the second application is granted or refused wherein if the arbitration requires an 
authentication of the communicating device, the second access control component instructs the 
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authentication component to authenticate the communicating device, wherein the first access 
control component is accessible by a communicating device requesting access to the second 
application without the communicating device having been authenticated by the authentication 
means, and is arranged to provide the access of the communicating device to the second access 
control component (col.4 line 25 to col.5 line 67). 

Regarding Claim 29 Dascalu teaches and describes a method of arbitrating the access of 
a requesting device to a service provided by a providing device ((Fig. 1-3, col.2 line 20 to col.3 line 
60) comprising: sending a request to access the service from the requesting device to the 
providing device; receiving the request at the providing device and passing it, without 
authenticating the requesting device, to an arbitration component interfacing the service; 
determining, in the arbitration means, whether to grant or refuse access to the first application 
by the requesting device, wherein if the determination requires an authentication of the 
requesting device, the authentication is performed during that determination and not previously, 
wherein the determination is made on the basis of the identity of service requested and/or the 
identity of the requesting device (col.4 line 25 to col.5 line 67). 

Regarding Claim 43 Dascalu teaches and describes a method comprising: receiving a 
request to access an application and passing it, without authenticating the requesting device, to 
an arbitration component interfacing the service; and determining, in the arbitration component, 
whether to grant or refuse access to the application, wherein if the determination requires an 
authentication of the requesting device, the authentication is performed during that 
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determination and not previously, wherein the determination is made on the basis of the identity 
of the application requested (col.4 line 25 to col.5 line 67). 

Regarding Claim 5 1 Dascalu teaches and describes a computer readable storage medium 
encoded with instructions that, when executed by a processor, perform (Fig. 1-3, col.2 line 20 to 
col.3 line 60): 

receiving a request to access an application and passing it, without authenticating the requesting 
device, to an arbitration component interfacing the service; and 

determining, in the arbitration component, whether to grant or refuse access to the application, 
wherein if the determination requires an authentication of the requesting device, the 
authentication is performed during that determination and not previously, wherein the 
determination is made on the basis of the identity of the application requested (col.4 line 25 to 
col.5 line 67).. 

As per Claim 44, Dascalu teaches and describes a method wherein the determination is 
made on the basis of the identity of the requesting device (col.5 line 5 to line 20). 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to SYED ZIA whose telephone number is (571)272-3798. The 
examiner can normally be reached on 9:00 to 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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August 29, 2008 
/Syed Zia/ 

Primary Examiner, Art Unit 2131 



